Big data sheet collection

Friends who are familiar with the officers, definitely be unfamiliar with the pool.

He is used to support the entire rhythmic show, the segment is dense, and the amount of information is large. In the early “Tucao Conference”, he is the closest to the American detachment show, so it quickly formed his own distinctive style, and also had a group of fans belonging to him. This is a lot of classic segments that have been accounted for in the offshore show market after 95 of Beijing.

Although finally unhappy with the old Dongjia laugacu culture, the fans who have accumulated the show period of the show will be super high concern. He has a self-contained flow physique, and there is no less hot search in the near future, and the incident of him will always trigger the public’s attention and discussion. In this, there is a thing to be boiling, which is the bank’s disclosure of the pool’s personal data.

“Lucky” victim

The incident was due to the contract of the Show show actor pool and Shanghai Laughter Culture Media Co., Ltd.

The pool is written in personal microblogging to point out that there is a default of the laughter culture, because the company arrears a lot of enforcement compensation, and the company does not follow the contract to the pool. After he proposed a disagree, the company tried to stop all of its work, the pool has proposed peaceful solutions, but the company disagree, so he can only ask for arbitration, I hope that the company can pay the remuneration. However, Shanghai Laughter Culture Media Co., Ltd. also proposed arbitration to let the pool compensate more than 3 million. “

Shanghai Laughing Culture Media Co., Ltd. obtained the pool in the bank’s nearly two years of water, which is still in the case of his bank card, ID card, and judicial organ investigation order. The pool said that in the case of the company, it has discovered the details of the personal account transaction in the bank. This is a real handleman.

In this regard, CITIC Bank replied: “This is a match with big customers.”

The news has been sent out to get widespread attention.

Undoubtedly, with the identity of the Dragon of the show and through the program “Decades”, the pool privacy data is leaked by banks, but the data security issues exposed through an accidental event are hidden. For a long time, behind this is more “silent” victims, those who are in the shadows outside the spotlight, standing on the one end of the tilt of the balance, they are not concerned.

Under the influence of public opinion, the Bank of China subsequently intervened.

SINICA: In March 2020, CITIC Bank provides personal bank account transaction details to third parties without the authorization of our customers, violating the principle of confidentiality for depositors. Our bureau will launch the investigation and investigation procedures in accordance with relevant laws and regulations, and strictly investigate and punish according to law.

Do you have contact sales and service personnel abide by data protection?

Personal bank account trading details are important personal privacy, and the law stipulates that the bank cannot pay personal account transactions to third parties. CITIC Bank This incident has touched legal issues, although the bank said that this banking water is leaked by staff, it is still difficult to escape.

Because there is contractual relationship with the depositors, banks should perform their obligations according to law, properly keep customers’ personal information, such as flow, deposit balance, etc.

Legal provisions such as “Commercial Bank Law”, “Consumer Rights Protection Law”, due to management of personal information leakage of depositors due to management vulnerabilities or technical vulnerabilities, banks need to undertake corresponding administrative responsibilities and civil liability.

If the bank staff uses the position to provide customers’ bank flow, although it does not belong to the bank’s active act, it belongs to the illegal operational behavior of employees, but banks should do the relevant management responsibilities, and should violate their banks Behavior is responsible. If bank flow is disclosed by banks, the bank’s behavior not only constitutes civil infringement, but may be criminalized.

Article 253 of the Criminal Law stipulates that violations of the relevant provisions of the State, selling or providing citizens for others, serious circumstances, in prison or criminals within three years, and a penalty of gold; three years, more than three years In prison below the year, it is penalized.

Whether banking deliberately leaked out, or personal use of duties, it may be suspected of constituting the crime of violations of citizens.

The basic principles of my country’s banking and credit cooperatives are the fundamental principles of deposits, voluntarily, free payment, and interest rates, for the deposit, banks absorb all deposits must adhere. Due to the data leakage phenomenon caused by employee work, it reflects that corporate training is not in place. It has been in charge of employee professional ethics, which leads to the painful lesson of CITIC Bank because they have been unrestrained and “throwing watermelon”. Lost as the most basic reputation of the bank and the trust of customers, and this is not worthless.

In addition, individuals should also pay attention to the data leakage caused by itself, when proceeding with loans, abroad, etc., should be properly kept, preventing data security hazards such as bank flow leakage.

Error authentication method

Data leaks, “Data Security Guide” This book analyzes the data leaks around us from the government, law, and practical multi-angle, and the author also pointed out such problems in the book. Employees call out the details from the bank’s database to check:

Employee: “Sir, is your name ¡Á ¡Á ¡Á?”

Customer: “Yes!”

Employee: “Your ID number is ¡Á ¡Á¡Á¡Á¡Á¡Á¡Á¡Á?”

Customer: “Yes!”

Employee: “Your birthday is ¡Á ¡Á month ¡Á day?”

Customer: “Yes!”

Such a verification method is panicked, then how should bank employees do authenticate? The author is considered in the “Data Security Guide”, in fact, it can:

“Sir, your name is?”

“Your ID number?”

“Your birthday?”

This question can better protect customer privacy and protect its data security. According to the initial inquiry method of the clerk, the criminal machine will bring the criminal machine. After the bank card is obtained by the criminals, when it comes to the bank’s replacement new bank card, you can understand the specific information of the card main information, and he doesn’t have to know who this card is in the end. Visit the bank account, let go of the deposit!

At the same time, there is also a case where the bank is missing from the lack of more than many training for employees. Organization should know that people are usually the weakest rings throughout the security system.

Organization should ensure that all employees are trained, know the correct authentication process, avoid disclosing the customer’s data for unauthorized access to customer personal data, or unintentional to erroneous people disclose the customer’s data.

Correct authentication method

In the “Data Security Guide”, the author found that recently, banks and credit card issuers enhance the authentication process. He believes that they realize that it is very easy to get a person’s information. (For example, people often provide this information when drawing or register.)

Bank and credit card issuers will now ask a question to verify the identity of the customer. For example, “You have opened a few accounts here” “A few departments hanging on this account” “You have a few bank cards in my line”.

He got an example in the book:

Once, I made a hotline of a bank, ready to activate the bank to send a new bank card in my home, it is really hard. Customer service asked me: “Which year is you open in our bank?” I tried to the customer service theory, my account was many years ago, I can’t remember which year. Customer service is very patient to help me recall, she asked: “Where did you have this record?” I said no, the customer service will say: “Sorry, Mr., I can’t activate your new bank by phone. Card. You need to be authenticated with your bank card and ID card to our bank. After the verification is successful, this card can be activated. “

He didn’t feel dissatisfied because of the time to take the time to run this simple step, but in contrast, he believes that this bank will properly deal with the customer’s personal data.

Because it uses strict programs to verify the identity of the customer, even refused to provide relevant services to customers in the phone. This bank has won the author’s trust in personal data protection, which has adopted the necessary protection measures and verification procedures to protect their personal data.

In addition, what is considered that banks have also been well trained for employees: employee know how to refuse to continue providing services when customers have not passed strict authentication programs.

According to the protection principle required by the data protection method, organizations should take reasonable safety measures to protect their own or control personal data. The authors pointed out that when he asked if he asked his behavior, the answer was mostly answering the answer to the organization’s documents, and they have also trained employees.

However, such a measure is just to make the organization legally compliant, and it is not necessarily operational compliance. Only information security policies and measures are implemented, and they embed operational processes, and organizations can do operation compliance.

Let employees know what is the data protection law, does not equalize how they abide by the data security law, and the latter also includes enforcement of information security policies. The organization should conduct a data protection operation site inspection, and ensure that the organization’s information security policy has been revised, and the organization’s information security vulnerability has been processed.

Written in the last

At present, about 90 countries and regions have developed personal information protection laws, while China’s “Data Safety Law of the People’s Republic of China” Data Safety Law (Draft) has publicly solked the public opinions in July 2020. All companies and individuals face the data protection law or later, and regard the data protection law as part of daily life and work. There are many ways to neglect in the field of data protection and privacy, organizations and individuals.

Some problems are easily ignored by us in practice, especially when we are busy. Some other questions are not so obvious. For example, many people don’t know the multi-function device, such as a hard drive in the printer in the office, handle data in the hard disk when the machine is discarded.

Some solutions can be easily implanted in the daily process, such as turning the front desk computer screen and the closed-circuit monitor, and does not let the people passing.

There are also some solutions that need to be trained, so that all employees consciously play their roles, such as employees need to know how to securely transmit confidential documents, and regularly clean up the mailbox, delete their no longer needed.

No matter how it recognizes the importance of operating compliance in data protection, it has data security awareness and a certain data protection method to better integrate into this big data era.